Remarks 



Entrance of this amendment and allowance of all claims are respectfully requested. 
Claims 1, 3-6, 9-11, 13, 16-21, 23-27, 29-32, 35-37, 39, 42-47, 49-54, 56-59, 62-64, 66, 69-74 & 
76-79 remain pending. 

By this paper, independent claims 1, 27, 53 & 54 are amended to more clearly point out 
and distinctly claim certain aspects of the present invention. These amendments are submitted 
in a bona fide attempt to further prosecution of this application. Support for the amendments can 
be found throughout the application as filed. For example, reference FIGS. 3 & 9-13 of the 
application, as well as the supporting discussion thereof, and the subject matter of the canceled 
dependent claims. Claims 2, 7, 8, 12, 14, 15, 22, 28, 33, 34, 38, 40, 41, 48, 55, 60, 61, 65, 67, 68 
& 75 are canceled herein without prejudice. The subject matter of these claims is believed well 
covered by the remaining pending claims. 

In the Office Action, original claims 1, 13-17, 21, 23, 26-27, 39-43, 47, 49, 52-54, 66-70, 
74, 76 & 79 were rejected under 35 U.S.C. § 102(e) as being anticipated by Makower et al. (U.S. 
Patent Application Publication No.: US 2002/0184507 A1; hereinafter Makower), while claims 
2-12, 18-20, 22, 24-25, 28-38, 44-46, 48, 50-51, 55-65, 71-73, 75, 77 & 78 were rejected under 
35 U.S.C. § 103(a) as being unpatentable over Makower as applied to claims 1, 27 & 54, and 
further in view of Loisey et al. (U.S. Patent Application Publication No.: US 2002/0133330 A1; 
hereinafter Loisey). These rejections are respectfully, but most strenuously, traversed to any 
extent deemed applicable to the amended claims presented herewith, and reconsideration thereof 
is requested. 

Initially, Applicants note that independent claims 1, 27, 53 & 54 submitted herewith, 
respectively recite certain subject matter of original dependent claims 2, 7, 8, 28, 33, 34, 55, 60 
& 61. Since the subject matter of these dependent claims was rejected under 35 U.S.C. § 103(a) 
as being unpatentable over Makower in view of Loisey, it is submitted that the originally stated 
35 U.S.C. § 102(e) rejection of the prior independent claims based on Makower is moot. Thus, 
the comments which follow are directed to the non-obviousness of Applicants' invention relative 
to Makower in view of Loisey. 

An "obviousness" determination requires an evaluation of whether the prior art taken as a 
whole would suggest the claimed invention taken as a whole to one of ordinary skill in the art. 
In evaluating claimed subject matter as a whole, the Federal Circuit has expressly mandated that 
functional claim language be considered in evaluating a claim relative to the prior art. 

As presented herewith, Applicants claim an authentication identity translation method 
which includes: establishing an authenticated user identity at an initial server responsive to an 
identification and authentication event within a domain comprising the initial server and at least 
one subsequent server, the identification and authentication event occurring at the initial server, 
the initial server and the at least one subsequent server each employing disparate user registries 
with different user identities, the disparate user registries being separately maintained by the 
servers and being logically represented in a global registry maintained by a domain controller, 
the global registry including information that establishes a correspondence between a user 
identity in the initial server with a corresponding, local user identity within the at least one 
subsequent server, generating a translation token representative of the identification and 
authentication event, and providing the translation token to the domain controller, storing the 
translation token by the domain controller and obtaining a token reference from the domain 
controller, the token reference comprising an index to the stored translation token within the 
domain controller; forwarding the token reference from the initial server to the at least one 
subsequent server along with a request; and translating the authenticated user identity of the 
initial server to a local user identity of the at least one subsequent server, wherein the at least one 
subsequent server initiates the translating employing the token reference received from the initial 
server. In Applicants' recited approach, the translating further includes forwarding the token 
reference from the at least one subsequent server to the domain controller, and employing the 
token reference at the domain controller to retrieve the translation token and translate the 
authenticated user identity of the initial server to the local user identity of the at least one 
subsequent server employing the global registry of the corresponding user identities maintained 
by the domain controller. 
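
The exchange recited above, sketched as an added example (not code from the application or from Applicants). All class, method and identity names are hypothetical, and the registries and credentials are constructed sample data.

```python
import secrets

class DomainController:
    """Holds the global registry and the stored translation tokens."""
    def __init__(self, global_registry):
        # Each entry maps server name -> one person's identity in that
        # server's own, separately maintained registry (constructed data).
        self._registry = global_registry
        self._tokens = {}

    def store_token(self, token):
        ref = secrets.token_urlsafe(16)   # token reference: index to the stored token
        self._tokens[ref] = token
        return ref

    def translate(self, ref, target_server):
        token = self._tokens.get(ref)
        if token is None:                 # forged or unknown reference
            raise PermissionError("unknown token reference")
        for person in self._registry:
            if person.get(token["server"]) == token["user"] and target_server in person:
                return person[target_server]
        raise PermissionError("no corresponding identity on " + target_server)

class Server:
    def __init__(self, name, registry, dc):
        self.name, self.registry, self.dc = name, registry, dc

    def authenticate(self, user, password):
        # Identification and authentication event at the initial server.
        # Plaintext comparison only keeps the sketch short.
        stored = self.registry.get(user)
        if stored is None or not secrets.compare_digest(stored, password):
            raise PermissionError("authentication failed")
        token = {"server": self.name, "user": user}   # translation token
        return self.dc.store_token(token)             # token reference comes back

    def handle(self, ref, request):
        # Subsequent server initiates translation with the received reference.
        local_user = self.dc.translate(ref, self.name)
        return f"{self.name} runs {request!r} as {local_user}"

def demo():
    dc = DomainController([{"web": "jsmith", "db": "JS0042"}])
    web = Server("web", {"jsmith": "constructed-password"}, dc)
    db = Server("db", {"JS0042": "unused-here"}, dc)
    ref = web.authenticate("jsmith", "constructed-password")
    return db.handle(ref, "SELECT 1")     # reference forwarded with the request
```

Only the opaque reference travels between the servers; the translation token and the identity correspondences stay at the domain controller.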

Applicants respectfully submit that at least the functionality of logically representing in a 
global registry maintained by a domain controller the disparate user registries separately 
maintained by the servers of the domain, wherein the information in the global registry 
establishes a correspondence between a user identity in the initial server and a corresponding, 
local user identity within the at least one subsequent server is unique to the present invention. 

Further, Applicants respectfully submit that the processing of generating a translation 
token representative of the identification and authentication event, and then storing that 
translation token by the domain controller and receiving in return a token reference which is then 
forwarded with a request from the initial server to the at least one subsequent server, is unique. 
Still further, Applicants respectfully submit that their recited processing of translating the 
authenticated user identity of the initial server to a local user identity of the at least one 
subsequent server per se is unique, and in particular, that the recited process for translating using 
the token reference and the stored translation token at the domain controller, along with the 
global registry, is unique. 

Makower describes a centralized single sign-on method and system for a client server 
environment. A single sign-on protocol for use by webservers is independent of the actual 
authentication mechanism used by any of the individual webservers accessed by the user. Users 
authenticate themselves with any one of a group of federated servers so that a user does not need 
to be re-authenticated by servers in the federation. In a preferred implementation of Makower, 
there is also a centralized server that provides for the transparent sign-on, session management, 
and session termination within each server in the federation of servers, and each federated server 
communicates with a central sign-on server. (See Abstract of Makower.) 

Initially, Applicants respectfully submit that there is no teaching or suggestion of 
numerous aspects of their above-summarized process for authenticated identity translation. For 
example, a careful reading of Makower fails to uncover any discussion of a domain wherein 
disparate user registries are separately maintained by the servers and are logically represented in 
a global registry maintained by a controller, wherein the global registry includes information that 
establishes a correspondence between a user identity in one server and a corresponding, local 
user identity in another server. Further, a careful reading of Makower fails to uncover any 
discussion of a facility for generating a translation token representative of the identification and 
authentication event, providing the translation token to the domain controller, storing the 
translation token by the domain controller and obtaining a token reference from the domain 
controller, which is an index to the translation token within the domain controller, and then 
forwarding the token reference from the initial server to the at least one subsequent server along 
with a request. In this regard, Applicants respectfully submit that the discussion in paragraph 
[0039] of Makower, cited in the Office Action with respect to the subject matter of original 
claims 7, 33 & 60, is simply not relevant to the processing recited by Applicants. Makower is 
describing a central sign-on server, which is a different process from that recited by Applicants. 

Still further, Applicants recite translating using the authenticated user identity of the 
initial server to a corresponding local user identity of the at least one subsequent server. A 
specific approach for performing the translation using the token reference and the translation 
token is recited in independent claims 1, 27 & 54. 

For at least the above reasons, it is respectfully submitted that Makower does not teach or 
suggest Applicants' invention as recited in the independent claims. The initial Office Action 
recognized that Makower did not teach or suggest the particular aspects of Applicants' invention 
set forth in original dependent claims 2, 7, 8, 28, 33, 24, 55, 60 & 61. For a teaching of these 
aspects, the Office Action relied upon Loisey. The relevancy of Loisey to Applicants' above- 
recited processing is respectfully traversed. 

Loisey describes a system and method for allowing user access to software applications, 
data storage retrieval, and electronic mail and messaging services in a network computing 
environment. The need for software installation, upgrade, and version control, and the need for 
certain hardware upgrades are eliminated by providing software and data storage and retrieval to a 
user or groups of users from a remote terminal server via a networked computing environment. 
Software applications, data and electronic mail and messages services are stored, maintained and 
operated at a remote terminal server and are provided to the user over the internet or over an 
intranet of an organization such as a company or educational institution. Data is stored and 
secured at a remote file server, and web operations are provided by a remote web server. The 
backend of the system, including the terminal servers, file servers and web servers is managed 
and secured by a domain controller. (See Abstract of Loisey.) 

In the Office Action, certain of the subject matter recited in the independent claims 
presented herewith was rejected as being taught, for example, in paragraphs [0022], [0058], 
[0059], [0066] - [0068] of Loisey. These paragraph citations to Loisey are respectfully traversed 
to any extent deemed applicable to the processing recited by Applicants in the independent 
claims presented. A careful reading of Loisey, and in particular, the noted paragraphs, fails to 
uncover any discussion relevant to the processing of Applicants' invention. It is respectfully 
submitted that considering the processing or functional claim language recited by Applicants, the 
independent claims submitted herewith patentably distinguish over Loisey and Makower. 

For example, paragraph [0022] of Loisey does not discuss any functionality similar to 
Applicants' claimed invention. Paragraph [0066] of Loisey discusses proper authentication of a 
user by matching the provided information to information maintained by the domain controller. 
This could be referring to, for example, comparing a password that is stored within the domain 
controller. This paragraph does not, however, describe a domain wherein servers maintain 
disparate registries with different user identities, and wherein there is a domain controller which 
has a logical representation in a global registry of the disparate user registries, and which is used 
to translate from, for example, an authenticated user identity of an initial server to a 
corresponding, local user identity of another server in the domain. Further, the remaining cited 
paragraphs of Loisey provide no discussion of identity translation as recited in the claims 
presented herewith. 

For at least the above reasons, Applicants respectfully request reconsideration and 
withdrawal of all rejections to the independent claims presented. The dependent claims are 
believed allowable for the same reasons as the independent claims, as well as for their own 
additional characterizations. 

All pending claims are believed to be in condition for allowance, and such action is 
respectfully requested. 

If a telephone conference would be of assistance in advancing prosecution of the subject 
application, Applicants' undersigned attorney invites the Examiner to telephone him at the 
number provided. 



Dated: November 2005. 

HESLIN ROTHENBERG FARLEY & MESITI P.C. 

5 Columbia Circle 

Albany, New York 12203-5160 

Telephone: (518)452-5600 

Facsimile: (518)452-5579 



Respectfully submitted, 




Kevin P. Radigan, Esq. 
Attorney for Applicants 
Registration No.: 31,789 